- Make a list of web accounts you use where security matters: email (first and foremost), banking, credit cards, backup (e.g. Mozy, Carbonite, iCloud), file storage (Dropbox, Evernote), e-commerce (PayPal, Venmo) health information, etc.
- Check if those sites are vulnerable to the Heartbleed bug here (see safe list below).
- Change your password for each site IF the site is patched or shows as not vulnerable. (I know it's a pain, but better safe than sorry). DO NOT USE THE SAME PASSWORD
- Keep a close eye on financial statements for any unauthorized activity.
>>If the site is still vulnerable, WAIT to change your password
until the site is secure.<<
The following major sites have already been patched or were probably not vulnerable, so you can skip step 2:
As always, let us know if you have questions.